<!DOCTYPE HTML>

<html lang="en">
<head>

<title>AbstractAuthorizeTag (spring-security-docs 5.6.3 API)</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="Style">
<link rel="stylesheet" type="text/css" href="../../../../../jquery/jquery-ui.css" title="Style">
<script type="text/javascript" src="../../../../../script.js"></script>
<script type="text/javascript" src="../../../../../jquery/jszip/dist/jszip.min.js"></script>
<script type="text/javascript" src="../../../../../jquery/jszip-utils/dist/jszip-utils.min.js"></script>
<!--[if IE]>
<script type="text/javascript" src="../../../../../jquery/jszip-utils/dist/jszip-utils-ie.min.js"></script>
<![endif]-->
<script type="text/javascript" src="../../../../../jquery/jquery-3.5.1.js"></script>
<script type="text/javascript" src="../../../../../jquery/jquery-ui.js"></script>
</head>
<body>
<script type="text/javascript"><!--
    try {
        if (location.href.indexOf('is-external=true') == -1) {
            parent.document.title="AbstractAuthorizeTag (spring-security-docs 5.6.3 API)";
        }
    }
    catch(err) {
    }
//-->
var data = {"i0":10,"i1":10,"i2":10,"i3":10,"i4":10,"i5":10,"i6":6,"i7":6,"i8":6,"i9":10,"i10":10,"i11":10,"i12":10};
var tabs = {65535:["t0","All Methods"],2:["t2","Instance Methods"],4:["t3","Abstract Methods"],8:["t4","Concrete Methods"]};
var altColor = "altColor";
var rowColor = "rowColor";
var tableTab = "tableTab";
var activeTableTab = "activeTableTab";
var pathtoroot = "../../../../../";
var useModuleDirectories = true;
loadScripts(document, 'script');</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
<header role="banner">
<nav role="navigation">
<div class="fixedNav">

<div class="topNav"><a id="navbar.top">

</a>
<div class="skipNav"><a href="AbstractAuthorizeTag.html#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div>
<a id="navbar.top.firstrow">

</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../../index.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../../index-all.html">Index</a></li>
<li><a href="../../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList" id="allclasses_navbar_top">
<li><a href="../../../../../allclasses.html">All&nbsp;Classes</a></li>
</ul>
<ul class="navListSearch">
<li><label for="search">SEARCH:</label>
<input type="text" id="search" value="search" disabled="disabled">
<input type="reset" id="reset" value="reset" disabled="disabled">
</li>
</ul>
<div>
<script type="text/javascript"><!--
  allClassesLink = document.getElementById("allclasses_navbar_top");
  if(window==top) {
    allClassesLink.style.display = "block";
  }
  else {
    allClassesLink.style.display = "none";
  }
  //-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li><a href="AbstractAuthorizeTag.html#constructor.summary">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="AbstractAuthorizeTag.html#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li><a href="AbstractAuthorizeTag.html#constructor.detail">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="AbstractAuthorizeTag.html#method.detail">Method</a></li>
</ul>
</div>
<a id="skip.navbar.top">

</a></div>

</div>
<div class="navPadding">&nbsp;</div>
<script type="text/javascript"><!--
$('.navPadding').css('padding-top', $('.fixedNav').css("height"));
//-->
</script>
</nav>
</header>

<main role="main">
<div class="header">
<div class="subTitle"><span class="packageLabelInType">Package</span>&nbsp;<a href="package-summary.html">org.springframework.security.taglibs.authz</a></div>
<h2 title="Class AbstractAuthorizeTag" class="title">Class AbstractAuthorizeTag</h2>
</div>
<div class="contentContainer">
<ul class="inheritance">
<li>java.lang.Object</li>
<li>
<ul class="inheritance">
<li>org.springframework.security.taglibs.authz.AbstractAuthorizeTag</li>
</ul>
</li>
</ul>
<div class="description">
<ul class="blockList">
<li class="blockList">
<dl>
<dt>Direct Known Subclasses:</dt>
<dd><code><a href="JspAuthorizeTag.html" title="class in org.springframework.security.taglibs.authz">JspAuthorizeTag</a></code></dd>
</dl>
<hr>
<pre>public abstract class <span class="typeNameLabel">AbstractAuthorizeTag</span>
extends java.lang.Object</pre>
<div class="block">A base class for an &lt;authorize&gt; tag that is independent of the tag rendering
technology (JSP, Facelets). It treats tag attributes as simple strings rather than
strings that may contain expressions with the exception of the "access" attribute,
which is always expected to contain a Spring EL expression.
<p>
Subclasses are expected to extract tag attribute values from the specific rendering
technology, evaluate them as expressions if necessary, and set the String-based
attributes of this class.</div>
<dl>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>3.1.0</dd>
</dl>
</li>
</ul>
</div>
<div class="summary">
<ul class="blockList">
<li class="blockList">

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="constructor.summary">

</a>
<h3>Constructor Summary</h3>
<table class="memberSummary">
<caption><span>Constructors</span><span class="tabEnd">&nbsp;</span></caption>
<tr>
<th class="colFirst" scope="col">Constructor</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr class="altColor">
<th class="colConstructorName" scope="row"><code><span class="memberNameLink"><a href="AbstractAuthorizeTag.html#%3Cinit%3E()">AbstractAuthorizeTag</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
</table>
</li>
</ul>
</section>

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="method.summary">

</a>
<h3>Method Summary</h3>
<table class="memberSummary">
<caption><span id="t0" class="activeTableTab"><span>All Methods</span><span class="tabEnd">&nbsp;</span></span><span id="t2" class="tableTab"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd">&nbsp;</span></span><span id="t3" class="tableTab"><span><a href="javascript:show(4);">Abstract Methods</a></span><span class="tabEnd">&nbsp;</span></span><span id="t4" class="tableTab"><span><a href="javascript:show(8);">Concrete Methods</a></span><span class="tabEnd">&nbsp;</span></span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colSecond" scope="col">Method</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr id="i0" class="altColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractAuthorizeTag.html#authorize()">authorize</a></span>()</code></th>
<td class="colLast">
<div class="block">Make an authorization decision by considering all &lt;authorize&gt; tag attributes.</div>
</td>
</tr>
<tr id="i1" class="rowColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractAuthorizeTag.html#authorizeUsingAccessExpression()">authorizeUsingAccessExpression</a></span>()</code></th>
<td class="colLast">
<div class="block">Make an authorization decision based on a Spring EL expression.</div>
</td>
</tr>
<tr id="i2" class="altColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractAuthorizeTag.html#authorizeUsingUrlCheck()">authorizeUsingUrlCheck</a></span>()</code></th>
<td class="colLast">
<div class="block">Make an authorization decision based on the URL and HTTP method attributes.</div>
</td>
</tr>
<tr id="i3" class="rowColor">
<td class="colFirst"><code>protected org.springframework.expression.EvaluationContext</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractAuthorizeTag.html#createExpressionEvaluationContext(org.springframework.security.access.expression.SecurityExpressionHandler)">createExpressionEvaluationContext</a></span>&#8203;(<a href="../../access/expression/SecurityExpressionHandler.html" title="interface in org.springframework.security.access.expression">SecurityExpressionHandler</a>&lt;<a href="../../web/FilterInvocation.html" title="class in org.springframework.security.web">FilterInvocation</a>&gt;&nbsp;handler)</code></th>
<td class="colLast">
<div class="block">Allows the <code>EvaluationContext</code> to be customized for variable lookup etc.</div>
</td>
</tr>
<tr id="i4" class="altColor">
<td class="colFirst"><code>java.lang.String</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractAuthorizeTag.html#getAccess()">getAccess</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i5" class="rowColor">
<td class="colFirst"><code>java.lang.String</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractAuthorizeTag.html#getMethod()">getMethod</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i6" class="altColor">
<td class="colFirst"><code>protected abstract javax.servlet.ServletRequest</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractAuthorizeTag.html#getRequest()">getRequest</a></span>()</code></th>
<td class="colLast">
<div class="block">This method allows subclasses to provide a way to access the ServletRequest
according to the rendering technology.</div>
</td>
</tr>
<tr id="i7" class="rowColor">
<td class="colFirst"><code>protected abstract javax.servlet.ServletResponse</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractAuthorizeTag.html#getResponse()">getResponse</a></span>()</code></th>
<td class="colLast">
<div class="block">This method allows subclasses to provide a way to access the ServletResponse
according to the rendering technology.</div>
</td>
</tr>
<tr id="i8" class="altColor">
<td class="colFirst"><code>protected abstract javax.servlet.ServletContext</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractAuthorizeTag.html#getServletContext()">getServletContext</a></span>()</code></th>
<td class="colLast">
<div class="block">This method allows subclasses to provide a way to access the ServletContext
according to the rendering technology.</div>
</td>
</tr>
<tr id="i9" class="rowColor">
<td class="colFirst"><code>java.lang.String</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractAuthorizeTag.html#getUrl()">getUrl</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i10" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractAuthorizeTag.html#setAccess(java.lang.String)">setAccess</a></span>&#8203;(java.lang.String&nbsp;access)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i11" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractAuthorizeTag.html#setMethod(java.lang.String)">setMethod</a></span>&#8203;(java.lang.String&nbsp;method)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i12" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractAuthorizeTag.html#setUrl(java.lang.String)">setUrl</a></span>&#8203;(java.lang.String&nbsp;url)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
</table>
<ul class="blockList">
<li class="blockList"><a id="methods.inherited.from.class.java.lang.Object">

</a>
<h3>Methods inherited from class&nbsp;java.lang.Object</h3>
<code>clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait</code></li>
</ul>
</li>
</ul>
</section>
</li>
</ul>
</div>
<div class="details">
<ul class="blockList">
<li class="blockList">

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="constructor.detail">

</a>
<h3>Constructor Detail</h3>
<a id="&lt;init&gt;()">

</a>
<ul class="blockListLast">
<li class="blockList">
<h4>AbstractAuthorizeTag</h4>
<pre>public&nbsp;AbstractAuthorizeTag()</pre>
</li>
</ul>
</li>
</ul>
</section>

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="method.detail">

</a>
<h3>Method Detail</h3>
<a id="getRequest()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>getRequest</h4>
<pre class="methodSignature">protected abstract&nbsp;javax.servlet.ServletRequest&nbsp;getRequest()</pre>
<div class="block">This method allows subclasses to provide a way to access the ServletRequest
according to the rendering technology.</div>
</li>
</ul>
<a id="getResponse()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>getResponse</h4>
<pre class="methodSignature">protected abstract&nbsp;javax.servlet.ServletResponse&nbsp;getResponse()</pre>
<div class="block">This method allows subclasses to provide a way to access the ServletResponse
according to the rendering technology.</div>
</li>
</ul>
<a id="getServletContext()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>getServletContext</h4>
<pre class="methodSignature">protected abstract&nbsp;javax.servlet.ServletContext&nbsp;getServletContext()</pre>
<div class="block">This method allows subclasses to provide a way to access the ServletContext
according to the rendering technology.</div>
</li>
</ul>
<a id="authorize()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>authorize</h4>
<pre class="methodSignature">public&nbsp;boolean&nbsp;authorize()
                  throws java.io.IOException</pre>
<div class="block">Make an authorization decision by considering all &lt;authorize&gt; tag attributes.
The following are valid combinations of attributes:
<ul>
<li>access</li>
<li>url, method</li>
</ul>
The above combinations are mutually exclusive and evaluated in the given order.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the result of the authorization decision</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code>java.io.IOException</code></dd>
</dl>
</li>
</ul>
<a id="authorizeUsingAccessExpression()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>authorizeUsingAccessExpression</h4>
<pre class="methodSignature">public&nbsp;boolean&nbsp;authorizeUsingAccessExpression()
                                       throws java.io.IOException</pre>
<div class="block">Make an authorization decision based on a Spring EL expression. See the
"Expression-Based Access Control" chapter in Spring Security for details on what
expressions can be used.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the result of the authorization decision</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code>java.io.IOException</code></dd>
</dl>
</li>
</ul>
<a id="createExpressionEvaluationContext(org.springframework.security.access.expression.SecurityExpressionHandler)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>createExpressionEvaluationContext</h4>
<pre class="methodSignature">protected&nbsp;org.springframework.expression.EvaluationContext&nbsp;createExpressionEvaluationContext&#8203;(<a href="../../access/expression/SecurityExpressionHandler.html" title="interface in org.springframework.security.access.expression">SecurityExpressionHandler</a>&lt;<a href="../../web/FilterInvocation.html" title="class in org.springframework.security.web">FilterInvocation</a>&gt;&nbsp;handler)</pre>
<div class="block">Allows the <code>EvaluationContext</code> to be customized for variable lookup etc.</div>
</li>
</ul>
<a id="authorizeUsingUrlCheck()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>authorizeUsingUrlCheck</h4>
<pre class="methodSignature">public&nbsp;boolean&nbsp;authorizeUsingUrlCheck()
                               throws java.io.IOException</pre>
<div class="block">Make an authorization decision based on the URL and HTTP method attributes. True is
returned if the user is allowed to access the given URL as defined.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the result of the authorization decision</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code>java.io.IOException</code></dd>
</dl>
</li>
</ul>
<a id="getAccess()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>getAccess</h4>
<pre class="methodSignature">public&nbsp;java.lang.String&nbsp;getAccess()</pre>
</li>
</ul>
<a id="setAccess(java.lang.String)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setAccess</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setAccess&#8203;(java.lang.String&nbsp;access)</pre>
</li>
</ul>
<a id="getUrl()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>getUrl</h4>
<pre class="methodSignature">public&nbsp;java.lang.String&nbsp;getUrl()</pre>
</li>
</ul>
<a id="setUrl(java.lang.String)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setUrl</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setUrl&#8203;(java.lang.String&nbsp;url)</pre>
</li>
</ul>
<a id="getMethod()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>getMethod</h4>
<pre class="methodSignature">public&nbsp;java.lang.String&nbsp;getMethod()</pre>
</li>
</ul>
<a id="setMethod(java.lang.String)">

</a>
<ul class="blockListLast">
<li class="blockList">
<h4>setMethod</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setMethod&#8203;(java.lang.String&nbsp;method)</pre>
</li>
</ul>
</li>
</ul>
</section>
</li>
</ul>
</div>
</div>
</main>

<footer role="contentinfo">
<nav role="navigation">

<div class="bottomNav"><a id="navbar.bottom">

</a>
<div class="skipNav"><a href="AbstractAuthorizeTag.html#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div>
<a id="navbar.bottom.firstrow">

</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../../index.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../../index-all.html">Index</a></li>
<li><a href="../../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList" id="allclasses_navbar_bottom">
<li><a href="../../../../../allclasses.html">All&nbsp;Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
  allClassesLink = document.getElementById("allclasses_navbar_bottom");
  if(window==top) {
    allClassesLink.style.display = "block";
  }
  else {
    allClassesLink.style.display = "none";
  }
  //-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li><a href="AbstractAuthorizeTag.html#constructor.summary">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="AbstractAuthorizeTag.html#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li><a href="AbstractAuthorizeTag.html#constructor.detail">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="AbstractAuthorizeTag.html#method.detail">Method</a></li>
</ul>
</div>
<a id="skip.navbar.bottom">

</a></div>

</nav>
</footer>
<script>if (window.parent == window) {(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)})(window,document,'script','//www.google-analytics.com/analytics.js','ga');ga('create', 'UA-2728886-23', 'auto', {'siteSpeedSampleRate': 100});ga('send', 'pageview');}</script><script defer src="https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194" integrity="sha512-Gi7xpJR8tSkrpF7aordPZQlW2DLtzUlZcumS8dMQjwDHEnw9I7ZLyiOj/6tZStRBGtGgN6ceN6cMH8z7etPGlw==" data-cf-beacon='{"rayId":"7040cd2309f7980c","token":"bffcb8a918ae4755926f76178bfbd26b","version":"2021.12.0","si":100}' crossorigin="anonymous"></script>
</body>
</html>
